Subscription to the full report on a daily basis can be obtained:
Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

• CNet News reports that the Department of Defense has commissioned the development of a simulation-based planning and training software application to help it to prepare for the next influenza pandemic. The game will allow health care professionals and the military to practice response tactics and plot "local mitigation strategies." (See item 21)

21. November 28, CNet News – (National) Gaming the next pandemic. The Department of Defense (DOD) has commissioned the development of a simulation-based planning and training software application to help it to prepare for the next influenza pandemic. The game will allow health care professionals and the military to recognize early signs of an outbreak, practice response tactics and plot "local mitigation strategies" to limit the spread of disease, according to the developer SimQuest, a technology-assisted education and training company. The consequences of a worldwide pandemic are hard to predict because the biological characteristics of the virus are unknown, but the 1918 Spanish flu killed more American soldiers than WW I. A pandemic in the United States could result in 20-35 percent of the population becoming ill, according to government estimates. The role of the military will include supporting domestic infrastructure and maintaining law and order, according to the DOD Implementation Plan for Pandemic Influenza. Source: http://news.cnet.com/8301-13639_3-10109547-42.html

• According to the New York Times, the Mumbai police said that the attacks in the city had killed at least 101 people and wounded at least 250. Deccan Mujihadeen, a previously unknown group that claimed responsibility, appeared to be singling out Americans and Britons as hostages. (See item 31)

31. November 26, New York Times – (International) At least 100 dead in terror attacks. Coordinated terrorist attacks struck the heart of Mumbai, India’s commercial capital, on Wednesday night, killing dozens in machine-gun and grenade assaults on at least two five-star hotels, the city’s largest train station, a Jewish center, a movie theater and a hospital. The Mumbai police said Thursday that the attacks killed at least 101 people and wounded at least 250. Guests who had escaped the hotels told television stations that the attackers were taking hostages, singling out Americans and Britons. Deccan Mujahedeen, a previously unknown group claimed responsibility, though that claim could not be confirmed. It remained unclear whether there was any link to outside terrorist groups. Hours after the assaults began, the landmark Taj Mahal Palace & Tower Hotel, next to the famed waterfront monument the Gateway of India, was in flames. Fire also raged inside the luxurious Oberoi Hotel, according to the police. Source: http://www.nytimes.com/2008/11/27/world/asia/27mumbai.html?scp=8&sq=mumbai%20&st=cse

Details

Banking and Finance Sector

7. November 26, Bloomberg – (National) FDIC lets firms without charters bid for bank assets. Investors including private-equity firms may find it easier to acquire U.S. banks after the Federal Deposit Insurance Corp. said it will let groups without charters bid for the deposits and assets of failing lenders. The FDIC change, announced in a press release Wednesday, will help ensure “failing institutions are resolved in a manner that will result in the least cost to the Deposit Insurance Fund” by marketing assets to “known, qualified and interested bidders.” U.S. regulators this year have seized 22 banks, the most since 1993, amid a credit crunch that fueled more than $968 billion in financial-company losses and writedowns since 2007. The Office of the Comptroller of the Currency on November 21 granted a new type of national bank charter called a “shelf charter,” also designed to find buyers for failed lenders. Source: http://www.bloomberg.com/apps/news?pid=20601087&sid=acrAx7aHTPwU&refer=home

8. November 26, Internetnews.com – (National) ID thieves hit federal credit unions, consumers. An international identity theft ring is being accused of stealing funds from the credit unions for the U.S. Senate, Navy, Pentagon and State Department, while also having separately made off with millions from consumers' home equity lines of credit. Several arrests have already been made in a case that has prompted U.S. attorneys in several states to join forces with the FBI, the Secret Service, U.S. Postal Inspectors and local police departments to hunt the crooks, according to Department of Justice (DoJ) officials. So far, four men in three states have been arrested on charges of engaging in an international conspiracy relating to the theft of money from home equity lines of credit. According to law enforcement officials, the men illegally withdrew a total of more than $2.5 million from various victims' home equity lines of credit and were trying to withdraw at least another $4 million. "There may be other numbers, but I am not at liberty to talk about that just now," an assistant U.S. attorney for the District of New Jersey who is involved in prosecuting the men, told InternetNews.com. Source: http://www.internetnews.com/security/article.php/3787526/ID+Thieves+Hit+Federal+Credit+Unions+Consumers.htm

Information Technology

29. November 27, VNUNet – (International) Spam levels to rise as Srizbi botnet returns. The fall in global spam levels after the shutting of web hosting company McColo looks to be short-lived after researchers reported that the Srizbi botnet has been reactivated. Researchers at security consultants FireEye are warning that Srizbi, and other botnets, have been reactivated. "Srizbi has returned from the dead and began updating all itsbots with a fresh new binary just a few hours ago," FireEye reported. "In the coming days, many journalists and researchers will ask how it is possible that the largest botnet in the world was allowed to update itself, when a security firm had near complete control over it. This is an interesting angle that we'll be exploring once all the technical facts are out on the table." The Srizbi botnet command and control systems were initially put back online in Estonia, but have since been taken down. The researchers also reported that the Rustock rootkit is also back in circulation and is sending a variety of spam based on social engineering and the sale of medical products. Source: http://www.vnunet.com/vnunet/news/2231392/spam-levels-expected-rise

Links

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"